openstack
/
ironic-python-agent
Code Issues Proposed changes

Limit memory usage when running qemu-img convert 

This patch is limiting the memory address space to 1 GiB when invoking
qemu-img convert. The qemu-img command can be exploited so we better
play on the safe side (See: bug #1449062).

Change-Id: I2088f74b32d1392310c569cfaa7fd368cb737421
Closes-Bug: #1657808
This commit is contained in:
Lucas Alvares Gomes 2017-01-19 17:16:38 +00:00
parent 7680625994
commit 449cda4fed
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ironic_python_agent/shell/write_image.sh
View File

@ -39,6 +39,9 @@ log "Erasing existing GPT and MBR data structures from ${DEVICE}"
sgdisk -Z $DEVICE
log "Imaging $IMAGEFILE to $DEVICE"
# limit the memory usage for qemu-img to 1 GiB
ulimit -v 1048576
qemu-img convert -t directsync -O host_device $IMAGEFILE $DEVICE
sync

5
releasenotes/notes/limit-qemu-img-ram-usage-d7b7a16ac5e9c917.yaml Normal file
View File

@ -0,0 +1,5 @@
---
fixes:
- |
Limits the memory usage of ``qemu-img convert`` command to 1 GiB to
avoid it from causing the host machine to fail due not enough ram.